@crewhaus/policy-engine 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +7 -12
- package/src/index.test.ts +26 -1
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@crewhaus/policy-engine",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.2",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "Side-effect classification + audit-and-allow policy decisions for the managed-daemon target",
|
|
6
6
|
"main": "src/index.ts",
|
|
@@ -12,14 +12,14 @@
|
|
|
12
12
|
"test": "bun test src"
|
|
13
13
|
},
|
|
14
14
|
"dependencies": {
|
|
15
|
-
"@crewhaus/audit-log": "0.
|
|
16
|
-
"@crewhaus/errors": "0.
|
|
15
|
+
"@crewhaus/audit-log": "0.1.2",
|
|
16
|
+
"@crewhaus/errors": "0.1.2"
|
|
17
17
|
},
|
|
18
18
|
"license": "Apache-2.0",
|
|
19
19
|
"author": {
|
|
20
20
|
"name": "Max Meier",
|
|
21
|
-
"email": "max@
|
|
22
|
-
"url": "https://
|
|
21
|
+
"email": "max@crewhaus.ai",
|
|
22
|
+
"url": "https://crewhaus.ai"
|
|
23
23
|
},
|
|
24
24
|
"repository": {
|
|
25
25
|
"type": "git",
|
|
@@ -31,12 +31,7 @@
|
|
|
31
31
|
"url": "https://github.com/crewhaus/factory/issues"
|
|
32
32
|
},
|
|
33
33
|
"publishConfig": {
|
|
34
|
-
"access": "
|
|
34
|
+
"access": "public"
|
|
35
35
|
},
|
|
36
|
-
"files": [
|
|
37
|
-
"src",
|
|
38
|
-
"README.md",
|
|
39
|
-
"LICENSE",
|
|
40
|
-
"NOTICE"
|
|
41
|
-
]
|
|
36
|
+
"files": ["src", "README.md", "LICENSE", "NOTICE"]
|
|
42
37
|
}
|
package/src/index.test.ts
CHANGED
|
@@ -3,7 +3,7 @@ import { mkdtempSync, rmSync } from "node:fs";
|
|
|
3
3
|
import { tmpdir } from "node:os";
|
|
4
4
|
import { join } from "node:path";
|
|
5
5
|
import { type AuditLog, openAuditLog } from "@crewhaus/audit-log";
|
|
6
|
-
import { type PolicyRule, auditPolicyDecision, evaluatePolicy } from "./index";
|
|
6
|
+
import { PolicyEngineError, type PolicyRule, auditPolicyDecision, evaluatePolicy } from "./index";
|
|
7
7
|
|
|
8
8
|
let tmp: string;
|
|
9
9
|
let log: AuditLog;
|
|
@@ -115,6 +115,31 @@ describe("tenant overrides win over defaults", () => {
|
|
|
115
115
|
});
|
|
116
116
|
});
|
|
117
117
|
|
|
118
|
+
describe("PolicyEngineError", () => {
|
|
119
|
+
test("carries config code, stable name, and preserves the cause chain", () => {
|
|
120
|
+
const cause = new Error("bad rule glob");
|
|
121
|
+
const err = new PolicyEngineError("invalid policy config", cause);
|
|
122
|
+
expect(err).toBeInstanceOf(Error);
|
|
123
|
+
expect(err.name).toBe("PolicyEngineError");
|
|
124
|
+
expect(err.code).toBe("config");
|
|
125
|
+
expect(err.message).toBe("invalid policy config");
|
|
126
|
+
expect(err.cause).toBe(cause);
|
|
127
|
+
// Serializes its cause chain for the logging layer.
|
|
128
|
+
expect(err.toJSON()).toMatchObject({
|
|
129
|
+
name: "PolicyEngineError",
|
|
130
|
+
code: "config",
|
|
131
|
+
message: "invalid policy config",
|
|
132
|
+
cause: { name: "Error", message: "bad rule glob" },
|
|
133
|
+
});
|
|
134
|
+
});
|
|
135
|
+
|
|
136
|
+
test("constructs without a cause", () => {
|
|
137
|
+
const err = new PolicyEngineError("no cause");
|
|
138
|
+
expect(err.cause).toBeUndefined();
|
|
139
|
+
expect(err.toJSON().cause).toBeUndefined();
|
|
140
|
+
});
|
|
141
|
+
});
|
|
142
|
+
|
|
118
143
|
describe("auditPolicyDecision", () => {
|
|
119
144
|
test("audit-and-allow appends a policy_decision record", async () => {
|
|
120
145
|
const r = await auditPolicyDecision(
|